From mboxrd@z Thu Jan 1 00:00:00 1970 From: Keir Fraser Subject: Re: [PATCH 03/18] xsm: allow use of XEN_DOMCTL_getdomaininfo by non-IS_PRIV domains Date: Wed, 11 Jan 2012 17:27:09 +0000 Message-ID: References: <1326302490-19428-4-git-send-email-dgdegra@tycho.nsa.gov> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <1326302490-19428-4-git-send-email-dgdegra@tycho.nsa.gov> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: Daniel De Graaf , xen-devel@lists.xensource.com List-Id: xen-devel@lists.xenproject.org On 11/01/2012 17:21, "Daniel De Graaf" wrote: > This domctl does not allow manipulation of domains, only basic > information such as size and state. XSM modules can also provide > fine-grained control over what domains are visible to domains that call > getdomaininfo. Well there's a reason we might not disallow the hypercall. But why would we actually care to allow it? -- Keir > Signed-off-by: Daniel De Graaf > --- > xen/common/domctl.c | 4 ++++ > 1 files changed, 4 insertions(+), 0 deletions(-) > > diff --git a/xen/common/domctl.c b/xen/common/domctl.c > index a775aa3..2c1ca85 100644 > --- a/xen/common/domctl.c > +++ b/xen/common/domctl.c > @@ -263,6 +263,10 @@ long do_domctl(XEN_GUEST_HANDLE(xen_domctl_t) u_domctl) > return -EPERM; > break; > } > +#ifdef XSM_ENABLE > + case XEN_DOMCTL_getdomaininfo: > + break; > +#endif > default: > if ( !IS_PRIV(current->domain) ) > return -EPERM;